feature: add rule for trojan source (#1431) · securego/gosec@424fc4c

Triggered via push December 11, 2025 09:20

ccojocar

pushed 424fc4c

v2.22.11

Status Failure

Total duration 37m 28s

Artifacts 1

release.yml

on: push

build

37m 24s

Annotations

1 error and 4 warnings

build

Process completed with exit code 1.

Legacy key/value format with whitespace separator should not be used: Dockerfile#L12

LegacyKeyValueFormat: "ENV key=value" should be used instead of legacy "ENV key value" format More info: https://docs.docker.com/go/dockerfile/rule/legacy-key-value-format/

Default value for global ARG results in an empty or invalid base image name: Dockerfile#L10

InvalidDefaultArgInFrom: Default value for ARG golang:${GO_VERSION}-alpine results in empty or invalid base image name More info: https://docs.docker.com/go/dockerfile/rule/invalid-default-arg-in-from/

Default value for global ARG results in an empty or invalid base image name: Dockerfile#L2

InvalidDefaultArgInFrom: Default value for ARG golang:${GO_VERSION}-alpine results in empty or invalid base image name More info: https://docs.docker.com/go/dockerfile/rule/invalid-default-arg-in-from/

build

You are using 'latest' as default version. Will lock to '~> v2'.

Artifacts

Produced during runtime

Name	Size	Digest
securego~gosec~U03BCP.dockerbuild	159 KB	`sha256:1e0b30996c11d9d80ac8a875639b422bf95e4f7d969e46e18e2e7ac125dc7031`

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Uh oh!

feature: add rule for trojan source (#1431) #48

Summary

feature: add rule for trojan source (#1431) #48

Uh oh!

Jobs

Run details

release.yml

Annotations

Artifacts